
<!-- saved from url=(0053)https://172.16.165.10/template/show_vul_desc?id=75098 -->
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Main</title>

<link href="https://172.16.165.10/media/stylesheet/nsfocus_2012/pane.css" rel="stylesheet" type="text/css">
<link href="https://172.16.165.10/media/stylesheet/nsfocus_2012/nsfocus_ui.css" rel="stylesheet" type="text/css">
<link href="https://172.16.165.10/media/js/jquery/easyui.css" rel="stylesheet" type="text/css">
<link href="https://172.16.165.10/media/stylesheet/nsfocus_2012/table.css" rel="stylesheet" type="text/css">
<link href="https://172.16.165.10/template/stylesheet/nsfocus_2012/page.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="https://172.16.165.10/media/js/jquery/jquery-1.7.2.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/prototype.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/cavy.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/ui.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/jquery/jquery.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/page.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/common.js"></script>
<script type="text/javascript" src="https://172.16.165.10/media/js/datepicker/WdatePicker.js"></script><link href="https://172.16.165.10/media/js/datepicker/skin/WdatePicker.css" rel="stylesheet" type="text/css">

</head>
<body class="dialog">
	<div class="content">
		<div class="wrap">
			<div class="cont">
			<table class="cmn_table plumb" style="white-space: pre-wrap;">
				<tbody>
				<tr class="odd">
					<th>漏洞名称</th>
					<td><img src="https://172.16.165.10/media/images/report/vuln_high.gif">海康威视(Hikvision) DVR/NVR设备存在远程缓冲区溢出漏洞(CVE-2014-4878)【原理扫描】
					</td>
				</tr>
				<tr class="even">
					<th>漏洞描述</th>
					<td>Hikvision DVR DS-7204是硬盘录像机产品。

Hikvision DVR DS-7204（固件版本2.2.10）在RTSP请求主体解析代码的实现上存在缓冲区溢出漏洞，攻击者可利用此漏洞在受影响设备上下文中执行任意代码。</td>
				</tr>
				<tr class="odd">
					<th>解决方法</th>
					<td>厂商补丁

hikvision
---------
目前厂商已经发布安全公告和升级程序，请根据自己产品型号，到厂商主页下载，公告和下载地址：
http://www.hikvision.com/cn/support_det_591_i240.html
http://www.hikvision.com/cn/download_606.html
</td>
				</tr>
				<tr class="even">
					<th>危险分值</th>
					<td>7.0</td>
				</tr>
				<tr class="odd  hover">
					<th>危险插件</th>
					<td>否</td>
				</tr>
				<tr class="even">
					<th>发现日期</th>
					<td>2014-07-10</td>
				</tr>
				
				<tr class="odd">
					<th>CVE编号</th>
					<td>CVE-2014-4878</td>
				</tr>
				
				
				<tr>
					<th>CNNVD编号</th>
					<td>CNNVD-201412-017</td>
				</tr>
				
				
				<tr class="even">
					<th>CNCVE编号</th>
					<td>CNCVE-20144878</td>
				</tr>
				
				
				<tr class="odd">
					<th>BUGTRAQ</th>
					<td>71302</td>
				</tr>
				
				
				<tr class="even">
					<th>NSFOCUS</th>
					<td>28494</td>
				</tr>
				
				
				
				<tr>
					<th>CNVD编号</th>
					<td>CNVD-2014-08566</td>
				</tr>
				
			</tbody>

			</table>
			</div>
		</div>
	</div>
	<div class="button">
		
			<input type="button" class="cmn_btn" value="关闭" onclick="top.dialog2.hide();">
		
		
	</div>


<script type="text/javascript">

</script>
</body></html>